@opengis/fastify-table 2.0.131 → 2.0.132

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/server/plugins/crud/funcs/getAccess.js +1 -1
  2. package/dist/server/routes/crud/controllers/deleteCrud.d.ts.map +1 -1
  3. package/dist/server/routes/crud/controllers/deleteCrud.js +7 -1
  4. package/dist/server/routes/crud/controllers/insert.d.ts.map +1 -1
  5. package/dist/server/routes/crud/controllers/insert.js +7 -1
  6. package/dist/server/routes/crud/controllers/table.d.ts.map +1 -1
  7. package/dist/server/routes/crud/controllers/table.js +7 -1
  8. package/dist/server/routes/crud/controllers/update.d.ts.map +1 -1
  9. package/dist/server/routes/crud/controllers/update.js +7 -1
  10. package/dist/server/routes/table/controllers/card.d.ts.map +1 -1
  11. package/dist/server/routes/table/controllers/card.js +1 -1
  12. package/dist/server/routes/table/controllers/cardData.d.ts.map +1 -1
  13. package/dist/server/routes/table/controllers/cardData.js +6 -0
  14. package/dist/server/routes/table/controllers/getFormByTable.d.ts.map +1 -1
  15. package/dist/server/routes/table/controllers/getFormByTable.js +7 -1
  16. package/dist/server/routes/table/functions/getData.d.ts.map +1 -1
  17. package/dist/server/routes/table/functions/getData.js +10 -4
  18. package/package.json +1 -1
package/dist/server/plugins/crud/funcs/getAccess.js CHANGED
@@ -31,7 +31,7 @@ where $1 in (a.route_id, a.alias, a.table_name) and $2 in (b.user_uid, d.user_ui
31
31
  export default async function getAccess({ table, form, user = {}, method = 'GET' }, pg = pgClients.client) {
32
32
  if (!table)
33
33
  return null;
34
- const hookData = await applyHook("getAccess", { table, user, pg });
34
+ const hookData = await applyHook("getAccess", { table, user, pg, method });
35
35
  if (hookData)
36
36
  return hookData;
37
37
  const { uid, user_type: userType = "regular" } = user;
package/dist/server/routes/crud/controllers/deleteCrud.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"deleteCrud.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/deleteCrud.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAC;AAa5C,wBAA8B,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBA8HrE"}
1
+ {"version":3,"file":"deleteCrud.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/deleteCrud.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAC;AAa5C,wBAA8B,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBAsIrE"}
package/dist/server/routes/crud/controllers/deleteCrud.js CHANGED
@@ -36,7 +36,13 @@ export default async function deleteCrud(req, reply) {
36
36
  code: 403,
37
37
  });
38
38
  }
39
- const { actions = [] } = (await getAccess({ table: del, id, user, method }, pg)) || {};
39
+ const { actions = [], message: accessMessage } = (await getAccess({ table: del, id, user, method }, pg)) || {};
40
+ if (accessMessage) {
41
+ return reply.status(403).send({
42
+ error: accessMessage,
43
+ code: 403,
44
+ });
45
+ }
40
46
  if (!tokenData &&
41
47
  !config?.local &&
42
48
  !config.security?.disableToken &&
package/dist/server/routes/crud/controllers/insert.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"insert.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/insert.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAC;AAe5C,wBAA8B,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBA6KjE"}
1
+ {"version":3,"file":"insert.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/insert.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAC;AAe5C,wBAA8B,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBAqLjE"}
package/dist/server/routes/crud/controllers/insert.js CHANGED
@@ -38,7 +38,13 @@ export default async function insert(req, reply) {
38
38
  (config.security?.disableToken || config.local || config.auth?.disable
39
39
  ? req.params
40
40
  : {});
41
- const { actions = [] } = (await getAccess({ table: add, form, user, method }, pg)) || {};
41
+ const { actions = [], message: accessMessage } = (await getAccess({ table: add, form, user, method }, pg)) || {};
42
+ if (accessMessage) {
43
+ return reply.status(403).send({
44
+ error: accessMessage,
45
+ code: 403,
46
+ });
47
+ }
42
48
  if (!tokenData &&
43
49
  !config.local &&
44
50
  !config.security?.disableToken &&
package/dist/server/routes/crud/controllers/table.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"table.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/table.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAc5C,wBAA8B,QAAQ,CACpC,GAAG,EAAE,GAAG,EACR,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,GAAG,gBAmOZ"}
1
+ {"version":3,"file":"table.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/table.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAc5C,wBAA8B,QAAQ,CACpC,GAAG,EAAE,GAAG,EACR,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,GAAG,gBA0OZ"}
package/dist/server/routes/crud/controllers/table.js CHANGED
@@ -41,13 +41,19 @@ export default async function tableAPI(req, reply, called) {
41
41
  if (!table && !id) {
42
42
  return reply.status(400).send("not enough params");
43
43
  }
44
- const { actions = [], query: accessQuery } = (await getAccess({
44
+ const { actions = [], query: accessQuery, message: accessMessage } = (await getAccess({
45
45
  table: templateName,
46
46
  form,
47
47
  id,
48
48
  user,
49
49
  method,
50
50
  }, pg)) || {};
51
+ if (accessMessage) {
52
+ return reply.status(403).send({
53
+ error: accessMessage,
54
+ code: 403,
55
+ });
56
+ }
51
57
  if (!tokenData &&
52
58
  !config?.local &&
53
59
  !config.security?.disableToken &&
package/dist/server/routes/crud/controllers/update.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"update.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/update.ts"],"names":[],"mappings":"AAeA,wBAA8B,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBA8LxD"}
1
+ {"version":3,"file":"update.d.ts","sourceRoot":"","sources":["../../../../../server/routes/crud/controllers/update.ts"],"names":[],"mappings":"AAeA,wBAA8B,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBAqMxD"}
package/dist/server/routes/crud/controllers/update.js CHANGED
@@ -40,13 +40,19 @@ export default async function update(req, reply) {
40
40
  (config.security?.disableToken || config.local || config.auth?.disable
41
41
  ? params
42
42
  : {});
43
- const { actions = [] } = (await getAccess({
43
+ const { actions = [], message: accessMessage } = (await getAccess({
44
44
  table: edit,
45
45
  form,
46
46
  id,
47
47
  user,
48
48
  method,
49
49
  }, pg)) || {};
50
+ if (accessMessage) {
51
+ return reply.status(403).send({
52
+ error: accessMessage,
53
+ code: 403,
54
+ });
55
+ }
50
56
  if (!tokenData &&
51
57
  !config.local &&
52
58
  !config.security?.disableToken &&
package/dist/server/routes/table/controllers/card.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"card.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/card.ts"],"names":[],"mappings":"AAOA,wBAA8B,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBAmItD"}
1
+ {"version":3,"file":"card.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/card.ts"],"names":[],"mappings":"AAOA,wBAA8B,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBAoItD"}
package/dist/server/routes/table/controllers/card.js CHANGED
@@ -18,7 +18,7 @@ export default async function card(req, reply) {
18
18
  : hookData.message;
19
19
  return reply.status(hookData.status).send(response);
20
20
  }
21
- const { actions = [], scope, my, } = (await getAccess({
21
+ const { actions = [], scope, my, message: accessMessage, } = (await getAccess({
22
22
  table: hookData?.table || params.table,
23
23
  id: hookData?.id || params?.id,
24
24
  user,
package/dist/server/routes/table/controllers/cardData.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cardData.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/cardData.ts"],"names":[],"mappings":"AAuBA,wBAA8B,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBAuO7D"}
1
+ {"version":3,"file":"cardData.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/cardData.ts"],"names":[],"mappings":"AAuBA,wBAA8B,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,gBA8O7D"}
package/dist/server/routes/table/controllers/cardData.js CHANGED
@@ -23,6 +23,12 @@ export default async function getCardData(req, reply) {
23
23
  const time = Date.now();
24
24
  const template = await getTemplate("card", table);
25
25
  const access = (await getAccess({ table, id, user, method }, pg));
26
+ if (access?.message) {
27
+ return reply.status(403).send({
28
+ error: access.message,
29
+ code: 403,
30
+ });
31
+ }
26
32
  if (!access?.actions?.length) {
27
33
  return reply.status(403).send("access restricted");
28
34
  }
package/dist/server/routes/table/controllers/getFormByTable.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"getFormByTable.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/getFormByTable.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAY5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAUzD,wBAA8B,OAAO,CACnC,EACE,EAAqB,EACrB,MAAM,EACN,IAAS,EACT,KAAU,EACV,MAAM,GACP,EAAE;IACD,EAAE,EAAE,UAAU,CAAC;IACf,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACtC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC1B,KAAK,EAAE;QAAE,IAAI,CAAC,EAAE,GAAG,CAAA;KAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB,EACD,KAAK,EAAE,YAAY,gBAsKpB"}
1
+ {"version":3,"file":"getFormByTable.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/controllers/getFormByTable.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAY5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAUzD,wBAA8B,OAAO,CACnC,EACE,EAAqB,EACrB,MAAM,EACN,IAAS,EACT,KAAU,EACV,MAAM,GACP,EAAE;IACD,EAAE,EAAE,UAAU,CAAC;IACf,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACtC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC1B,KAAK,EAAE;QAAE,IAAI,CAAC,EAAE,GAAG,CAAA;KAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB,EACD,KAAK,EAAE,YAAY,gBA6KpB"}
package/dist/server/routes/table/controllers/getFormByTable.js CHANGED
@@ -36,7 +36,13 @@ export default async function getForm({ pg = pgClients.client, params, user = {}
36
36
  if (!form) {
37
37
  // return reply.status(404).send("form not found");
38
38
  }
39
- const { actions = [] } = (await getAccess({ table, id: edit, form, user, method }, pg)) || {};
39
+ const { actions = [], message: accessMessage } = (await getAccess({ table, id: edit, form, user, method }, pg)) || {};
40
+ if (accessMessage) {
41
+ return reply.status(403).send({
42
+ error: accessMessage,
43
+ code: 403,
44
+ });
45
+ }
40
46
  const loadTemplate = await getTemplate("form", form || params.name);
41
47
  if (!loadTemplate) {
42
48
  return reply.status(404).send("form template not found");
package/dist/server/routes/table/functions/getData.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"getData.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/functions/getData.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AA4EzD,wBAA8B,OAAO,CACnC,EACE,EAAqB,EACrB,MAAM,EACN,KAAK,EACL,EAAE,EACF,OAAY,EACZ,KAAU,EACV,IAAS,EACT,YAAY,EACZ,KAAY,EACZ,UAAU,EACV,OAAO,EAAE,YAAY,EACrB,WAAW,EAAE,gBAAgB,EAC7B,OAAO,EAAE,YAAY,GACtB,EAAE;IACD,EAAE,CAAC,EAAE,UAAU,CAAC;IAChB,MAAM,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB,EACD,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,GAAG,gBAs0Bb"}
1
+ {"version":3,"file":"getData.d.ts","sourceRoot":"","sources":["../../../../../server/routes/table/functions/getData.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AA4EzD,wBAA8B,OAAO,CACnC,EACE,EAAqB,EACrB,MAAM,EACN,KAAK,EACL,EAAE,EACF,OAAY,EACZ,KAAU,EACV,IAAS,EACT,YAAY,EACZ,KAAY,EACZ,UAAU,EACV,OAAO,EAAE,YAAY,EACrB,WAAW,EAAE,gBAAgB,EAC7B,OAAO,EAAE,YAAY,GACtB,EAAE;IACD,EAAE,CAAC,EAAE,UAAU,CAAC;IAChB,MAAM,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB,EACD,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,GAAG,gBA60Bb"}
package/dist/server/routes/table/functions/getData.js CHANGED
@@ -128,15 +128,21 @@ export default async function dataAPI({ pg = pgClients.client, params, table, id
128
128
  return reply.status(404).send("template not found");
129
129
  }
130
130
  const objectId = tokenData?.id || hookData?.id || params?.id || id;
131
- const { actions = [], query: accessQuery } = actionsParam
132
- ? { actions: actionsParam, query: accessQueryParam || "1=1" }
131
+ const { actions = [], query: accessQuery, message: accessMessage } = actionsParam
132
+ ? { actions: actionsParam, query: accessQueryParam || "1=1", message: undefined }
133
133
  : (await getAccess({
134
134
  table: templateName,
135
135
  id: objectId,
136
136
  user,
137
137
  method,
138
- }, pg));
139
- const body = loadTable || hookData || tokenData;
138
+ }, pg)) || {};
139
+ if (accessMessage) {
140
+ return reply.status(403).send({
141
+ error: accessMessage,
142
+ code: 403,
143
+ });
144
+ }
145
+ // const body = loadTable || hookData || tokenData;
140
146
  const { table: table1, columns = [], sql, cardSql, form, meta, sqlColumns, public: ispublic, editable = false, } = loadTable || hookData || tokenData || params || { table };
141
147
  if (!ispublic && !user?.uid && !called) {
142
148
  return reply.status(401).send({ error: "unauthorized", code: 401 });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@opengis/fastify-table",
3
- "version": "2.0.131",
3
+ "version": "2.0.132",
4
4
  "type": "module",
5
5
  "description": "core-plugins",
6
6
  "keywords": [